Skip to content

Red Team Expert OT

  • Utrecht, Utrecht, Netherlands
Red Team

Job description

About Northwave

From our head office in Utrecht, we have been providing 24*7 cybersecurity services for more than 17 years. In doing so, we not only look at the technology, but also at the human behaviour within the organisation and thus provide integrated security services. That's why organisations that take their cyber security seriously like to work with us. We take the complexity of security management off their hands, leaving them in control.

We are a fast-growing organization of 250+ employees, which is the market leader in the field of information security. Our 100% self-financed European company is on a mission to make high-quality, integrated information security accessible to organizations that depend on their digital business. Northwave stands for diversity, inclusivity, quality and long-term relationships.

Our Red Team

Our slogan "You scope it, we pwn it" is based on what red teamers live for: hacking.

What sets our team apart from other teams is not only that we perform pen tests, OT security assessments and red team exercises. Within Northwave, we also advise our colleagues from other departments in the field of resilience and business consultancy and, if necessary, we support the Computer Emergency Response Team (CERT) with ransomware incidents.

Thanks to our extensive knowledge pool, consisting of Northwave's Blue Team, the Threat Intelligence team, the CERT, the Reverse Engineering team and many other disciplines, we are able to support customers with today's challenges. No two tests are the same, and for each test we think along with you about what is really necessary, even outside of our red team portfolio. What we are particularly proud of is our role as a TIBER and ART provider. In addition, we are not only active in the Benelux but also in the DACH region and Nordics, as long as we can make our customers safer. And this is only part of our work within the Red Team.

For this role within our Red Team, the focus is partly on testing industrial environments, but also testing IT environments is part of the job description. Industrial processes are often critical and essential for business continuity. Linking these industrial processes to the office network, and even to the internet, is no longer an exception. Sometimes this connection is even crucial for the continuity of, for example, a production environment. However, this connectivity also increases the risk of cyberattacks on industrial processes. Such an attack can not only jeopardize continuity, but also pose risks to things like intellectual property, by letting them fall into the wrong hands. In addition, cyber attacks can have consequences for the safety of people and the environment.

The Role

Within Northwave, we have seen an increase in requests for OT security for a number of years now, including for OT security assessments within the red team. We are therefore looking for an experienced Red Team Expert with OT interest or experience.

As a Red Team Expert OT, one of your tasks is to meticulously test the industrial processes of our customers. By carefully planning and executing your security tests, and then reporting the results and providing feedback, you ensure that our customers can continuously optimize their security and keep it up-to-date. While conducting your security tests, you also keep a close eye on security.

In addition to carrying out tests in the field of OT in response to customer questions, you will also be involved in other tests from our portfolio, which our customers take from us. Moreover, there is room to further develop both yourself and your colleagues with the knowledge and skills you bring from your OT experience. We hope that you, in collaboration with our Cyber Fusion Centre, will be willing to share your experience in order to strengthen our vision and offering in the field of OT and to keep our customers optimally secured.

What can you expect from us?

  • Lease car or  travel allowance
  • Working from home is not a problem for us
  • Macbook and iPhone
  • 25 vacation days
  • Good pension plan
  • 250+ international and passionate colleagues to collaborate with and learn from
  • Training budget for e.g. OSCP, OSEP, CRTO and VCA or equivalent training courses
  • Fun Northwave events and parties, access to exciting conferences and space for your own input
  • An appropriate salary for the knowledge and skills you bring to our company

Job requirements

  • Several years of experience in performing vulnerability assessments and penetration testing in both IT and OT environments.
  • Has knowledge or experience of network security. Things like protocols, firewalls, intrusion detection systems (IDS), virtual private networks (VPN), but also security protocols like TLS and SSH hold no secrets for you.
  • Is interested in current security measures and developments for the OT environment.
  • Report and present complex technical findings in a clear and engaging way to all levels within an organization
  • It is an advantage if you have a technical HBO or WO background and/or are in possession of certifications such as OSCP, OSEP, CRTO and/or VCA (or are willing to obtain them).

We know there's a lot you should know and be able to do, but what we'd really like is get in touch with you to see if there is a  match! So if you have any doubts or questions, please let us know!


What is important to you in your next step? We are happy to start a conversation. Apply directly or contact our recruiter Bastiaan first.

+31 6 45 880 490

  • Utrecht, Utrecht, Netherlands
Red Team


  • Utrecht, Utrecht, Netherlands
Red Team